Method and system for discovering user equipment in a network

ABSTRACT

A system and method for discovering user equipment in a network is disclosed. According to one embodiment, a discovery proxy periodically scans an access router that serves a target user equipment and collects an address assignment record of the target user equipment via the access router. The discovery proxy passes the address assignment record to a discovery server, and the discovery server identifies a location of the target user equipment based on the address assignment record of the target user equipment.

CROSS REFERENCE TO RELATED APPLICATION

This application is a continuation of U.S. application Ser. No.14/512,283, filed Oct. 10, 2014, now U.S. Pat. No. 10,285,038, which isincorporated by reference in its entirety.

FIELD

The present disclosure generally relates to network communications and,more particularly, to a method and system for discovering user equipmentin a network.

BACKGROUND

An Internet service provider (ISP) builds a packet network to enableusers to access various services over the Internet. Unlike a networkthat evolved from a telephony network, some ISPs do not support voice,email, and other services in-house. The ISPs control the network accessby users by provisioning a security mechanism in an access node (e.g., anetwork router, a switch) and user equipment (UE) (e.g., a cable-modem).However, small ISPs may lack a sophisticated security mechanism such asan operation support system (OSS) and a subscriber management systemthat a large telephone company typically implements.

Some ISPs provide wireless access to user devices via a point-to-pointradio link from a directional antenna on a building roof to a radiotower. Other ISPs may rely on wireless hotspots with omnidirectionalantennas to connect users. A user may be a credit-card holder who uses acredit-card transaction to substitute an authentication to the network.

Some ISPs may distribute subscriber-related information to an accessedge of their network, however the distribution of subscriber-relatedinformation presents challenges to an ISP network operator foridentifying and isolating packet traffic of a specific user.Furthermore, the ISP networks must support various types of access nodesand UE nodes. The distribution of subscriber-related information furthermakes it difficult for the ISP network operator to manage their networkwhile providing security to the users and meeting regulatory complianceobligations.

SUMMARY

A system and method for discovering user equipment in a network isdisclosed. A system and method for discovering user equipment in anetwork is disclosed. According to one embodiment, a discovery proxyperiodically scans an access router that serves a target user equipmentand collects an address assignment record of the target user equipmentvia the access router. The discovery proxy passes the address assignmentrecord to a discovery server, and the discovery server identifies alocation of the target user equipment based on the address assignmentrecord of the target user equipment.

The above and other preferred features, including various novel detailsof implementation and combination of elements, will now be moreparticularly described with reference to the accompanying drawings andpointed out in the claims. It will be understood that the particularmethods and apparatuses are shown by way of illustration only and not aslimitations. As will be understood by those skilled in the art, theprinciples and features explained herein may be employed in various andnumerous embodiments.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are included as part of the presentspecification, illustrate the various embodiments of the presentdisclosed system and method and together with the general descriptiongiven above and the detailed description of the preferred embodimentgiven below serve to explain and teach the principles of the presentdisclosure.

FIG. 1 illustrates system architecture of an exemplary ISP network,according to one embodiment;

FIG. 2 illustrates a schematic diagram of an exemplary ISP networkincluding a management system, according to one embodiment;

FIG. 3 illustrates an exemplary discovery process of target userequipment in an ISP network, according to one embodiment;

FIG. 4 illustrates an exemplary process for monitoring connectivitystatus of target user equipment in an ISP network, according to oneembodiment; and

FIG. 5 illustrates an exemplary computer architecture that may be usedfor the present system, according to one embodiment.

It should be noted that the figures are not necessarily drawn to scaleand that elements of structures or functions are generally representedby reference numerals for illustrative purposes throughout the figures.It also should be noted that the figures are only intended to facilitatethe description of the various embodiments described herein. The figuresdo not describe every aspect of the teachings described herein and donot limit the scope of the claims.

DETAILED DESCRIPTION

A system and method for discovering user equipment in a network isdisclosed. A system and method for discovering user equipment in anetwork is disclosed. According to one embodiment, a discovery proxyperiodically scans an access router that serves a target user equipmentand collects an address assignment record of the target user equipmentvia the access router. The discovery proxy passes the address assignmentrecord to a discovery server, and the discovery server identifies alocation of the target user equipment based on the address assignmentrecord of the target user equipment.

In the following description, for purposes of clarity and conciseness ofthe description, not all of the numerous components shown in theschematic are described. The numerous components are shown in thedrawings to provide a person of ordinary skill in the art a thoroughenabling disclosure of the present system and method. The operation ofmany of the components would be understood to one skilled in the art.

Each of the additional features and teachings disclosed herein can beutilized separately or in conjunction with other features and teachingsto provide a detachable frame for a mobile computer. Representativeexamples utilizing many of these additional features and teachings, bothseparately and in combination, are described in further detail withreference to the attached drawings. This detailed description is merelyintended to teach a person of skill in the art further details forpracticing preferred aspects of the present teachings and is notintended to limit the scope of the present disclosure. Therefore,combinations of features disclosed in the following detailed descriptionmay not be necessary to practice the teachings in the broadest sense andare instead taught merely to describe particularly representativeexamples of the present teachings.

Moreover, various features of the representative examples and thedependent claims may be combined in ways that are not specifically andexplicitly enumerated in order to provide additional useful embodimentsof the present teachings. In addition, it is expressly noted that allfeatures disclosed in the description and/or the claims are intended tobe disclosed separately and independently from each other for thepurpose of original disclosure, as well as for the purpose ofrestricting the claimed subject matter independent of the compositionsof the features in the embodiments and/or the claims. It is alsoexpressly noted that all value ranges or indications of groups ofentities disclose every possible intermediate value or intermediateentity for the purpose of original disclosure, as well as for thepurpose of restricting the claimed subject matter. It is also expresslynoted that the dimensions and the shapes of the components shown in thefigures are designed to help understand how the present teachings arepracticed but are not intended to limit the dimensions and the shapesshown in the examples.

FIG. 1 illustrates system architecture of an exemplary ISP network,according to one embodiment. User equipment (UE) 115 is connected to theInternet 150 via an Internet service provider (ISP) network 140. The ISPnetwork 140 includes Internet edge routers 111 a and 111 b, accessrouters 113 a, 113 b, and 113 c, and core routers 112 a and 112 b.However, it is noted that the ISP network 140 can include any number ofInternet edge routers, access routers, and core routers withoutdeviating from the scope of the present disclosure. Internet edgerouters 111 a and 111 b connect the ISP network 140 to the Internet 150at various points that may be geographically separated depending on thesize of the ISP network 140. Access routers 113 a, 113 b, and 113 cprovide a protocol for managing addressing and connectivity in thenetwork (e.g., dynamic host control protocol (DHCP)) and connect the UE115 to the ISP network 140. Core routers 112 a and 112 b connect andaggregate data traffic from the access routers 113 a, 113 b, and 113 cto the Internet edge routers 111 a and 111 b. The ISP network 140provides alternate paths of the UE 115 to the Internet 150 using variousedge routers, core routers, and access routers to support higherreliability of service to the access routers 113. For simplicity, theterm, “router” is herein used to represent different network transportelements within the ISP network 140.

According to one embodiment, the present system and method provides amanagement system 160. The management system 160 may be externallylocated from the ISP network 140 and connected to the ISP network 140via the Internet 150 or internally located within the ISP network 140.The management system 160 locates the UE 115 that is connected to theISP network 140 by requesting the access router 113 b that is attachedto the target UE 115 to send information or data traffic related to theUE 115. The management system 160 processes the received information ordata traffic related to the UE 115 and determines the location as wellas the connectivity status of the target UE 115. The target UE 115 maybe attached to any access router within the ISP network 140 at any giventime or move from one access router to another access router.

FIG. 2 illustrates a schematic diagram of an exemplary ISP networkincluding a management system, according to one embodiment. The ISPnetwork includes a UE 210, an access router 220, and a DHCP router 221.There may be several UEs, access routers, and DHCP routers within theISP network without deviating from the scope of the present disclosure.Each UE may be connected to one or more access routers. More than oneUEs may be connected to a single access router.

According to one embodiment, the present system and method provides amanagement system 160 including a discovery proxy 222, a target proxy223, and a delivery proxy 224. The management system 160, particularlythe discover proxy 222, is capable of handling a wide variety of routertypes, registration protocols, registration record types, address types,and connectivity data record types. Therefore, the management system 160is capable of working over an ISP network that evolved through mergersand acquisitions, thus comprises various network protocols and types.The management system 160 may be located inside or outside of an ISPnetwork. If the management system 160 is located outside an ISP network,as illustrated in FIG. 1, the management system 160 communicates withthe access router 220 via at least one Internet edge router and/or acore router (not shown). The access router 220 may incorporate a DHCPnode 221 as represented by a dashed line 250, or the DHCP node 221 maybe implemented in a separate node from the access router 220. The DHCPnode 221 may be located on a host that is accessible by multiple accessrouters. The DHCP standard is defined and managed by the InternetEngineering Task Force (IETF).

The discovery proxy 222 periodically scans the access routers and DHCPnodes to collect address assignment records of attached UEs with theirassociated identities and addresses, and passes the address assignmentrecords to a discovery server 230. Using the address assignment recordsof the UEs, the discovery server 230 performs the UE location discoveryfunction (LDF). The discovery proxy 222 watches for state changes of theattached UEs by inspecting DHCP logs, authentication, authorizing andaccounting (AAA) logs, and other log and status information available inthe ISP network. For example, the discovery proxy 222 supports adynamically provisioned user network such as coffee shop hotspots andhotel networks.

The discovery server 230 searches for a record of a target UE (e.g., UE210) over its data repository, correlates the state change informationof the target UE, and links the identity and address to the target UE.Once a state change is detected, the discovery server 230 triggers anaccess selection server 231 to submit a targeting request to the ISPnetwork. The access selection server 231 has a UE access selectionfunction (ASF) and submits the targeting request to the ISP networkthrough a target proxy 223. The target proxy 223 has the permission anda protocol to access a specific access router 220 that serves the targetUE 210. The access router 220 establishes a connection to the deliveryproxy 224 that maintains a permanent connection to a packet analysisserver 232.

According to one embodiment, the discovery proxy 222, the target proxy223, and the delivery proxy 224 may be located on separate physicalnodes, combined in a single physical node, and any combination of proxyfunctions may be implanted on a particular physical node. Likewise, thediscovery server 230, the access selection server 231, and the packetanalysis server 232 may be located on separate or any combination ofphysical servers. Furthermore, the servers may be operated inside an ISPnetwork, or remotely outside the ISP network in a partner network (e.g.,a trusted third party network).

According to one embodiment, the management system 160 further comprisesa metadata selection server 233 and a metadata analysis server 234. Themetadata selection server 233 and the metadata analysis server 234 areconnected to each other and to the discovery server, respectively. Themetadata selection server 233 receives a request for connectivity statusof the user equipment 210 from a requesting system and sends a responseto the requesting system. The requesting system may be internal orexternal to the ISP network. The discovery server 230 maintains arepository of connectivity information of user equipment to the networkand sends the connectivity information of a target user equipment to themetadata analysis server 234. The metadata analysis server 234 providesthe analysis of the connectivity status of the target user equipment tothe metadata selection server 233 that responds to the requestingsystem. The process of providing connectivity status of a target userequipment is discussed in further detail below with reference to FIG. 4.

FIG. 3 illustrates an exemplary discovery process of target userequipment in an ISP network, according to one embodiment. Variousproxies and servers may be used, independently or in any combination, toallow each discovery function to scale independently according to aprocessing speed and memory capacity required to perform each function.

The UE 210 in an ISP network performs a network entry process thatinvolves a request for address assignment to an access router 220. Inoperation 301, the UE 210 makes an address assignment request for anetwork entry to the access router 220 by providing equipment-relatedidentities and credentials and receives an IP address and other hostconfiguration parameters from the access router 220. The hostconfiguration parameters may include a supporting DHCP server (notshown) that assigns the IP address of the UE 210. The address assignment(or address binding) information between the UE 210 and the accessrouter 220 is maintained as long as the UE 210 connects with the accessrouter 220.

In operation 302, the discovery proxy 222 periodically contacts each ofthe access routers in the network and requests an update to the addressassignment data between the access router 220 and the UE 210. Thediscovery proxy 222 is provisioned with a list of routers to monitor andcredentials to authenticate itself to each of the routers. In addition,the discovery proxy 222 provides a secure link to other proxies orservers within the ISP network or cloud-based servers or hosts that areremotely located outside the ISP network.

In operation 303, the discovery proxy 222 passes the address assignmentdata between the UE 210 and the access router 220 to a discovery server230. According to one embodiment, the discovery proxy 222 does not storethe data collected from the access router 220, but instead sends thedata to the discovery server 230 where the address assignment data isstored in a data store. The discovery server 230 processes the receivedaddress assignment data from the access router 220 and performs a searchand cross-referencing with other sources of data that correlates withthe name and addressing identities of the UEs. Examples of other sourcesof data included, but are not limited to, data received fromauthentication, authorization, and accounting (AAA) nodes, operationssupport systems (OSS), and business support systems (BSS).

In operation 304, a management system or a third party service providesa monitoring request for monitoring a particular user's data traffic tothe access selection server 231. The management system provides a targetidentity such as a name of an address that may not be directly visibleto the access router 220. The access selection server 231 manages alife-cycle of the monitoring request and activates and deactivates themonitoring request. The life-cycle of monitoring the user may spanmultiple connection activations and deactivations that may result fromeither intermittent connectivity while stationary or due to mobilitywhere the user connects to a sequence of access routers. Thus, a singlerequest to monitor a user, may translate into a series of monitoringactivations/deactivation requests to a series of access routers, hereinreferred to as dynamic triggering.

In operation 305, the access selection server 231 provides a monitorrequest to the discovery server 230 to perform a series of mappings todiscover the identity and IP address of the access selection server 231that serves the target UE 210 in the network, and returns the accessselection server 231 with parameters to provision the target UE 210. Theparameters that the discovery server 230 sends to the access selectionserver 231 in response to the monitor request include, for example, butnot limited to, the connectivity information between the access router220 and the target proxy 223, and between the access router 220 and thedelivery proxy 224, and the user information on the UE 210. Using theseparameters, the access selection server 231 determines that the user onthe UE 210 attached to the access router 220 can be activated by thetarget proxy 223 to deliver to the delivery proxy 224.

In operation 306, the access selection server 231 formulates and sends aprovisioning request to the target proxy 223. The target proxy 223performs the same ISP network internal and backhaul security functionsas the other proxies. The target proxy 223 then connects to the selectedaccess router 220 and manages the provisioning connectivity to theaccess router 220 in operation 307. The provisioned information includesthe identity of the delivery proxy 224 and the packet analysis server232, information to correlate the delivered packet stream with thecorrect target request, and required signature and encryptionparameters, as needed.

In operation 308, copies of packets flow between the access router 220and the packet analysis server through the delivery proxy 224. Thedelivery proxy 224 provides reliable and loss-free connectivity for datastreaming between the access router 220 and the packet analysis server232. The packet analysis server 232 performs various analyses of the UEpackets. For example, a user complains that his/her voice over IP (VoIP)voice audio is poor, and the packet analysis server 232 determines thatanother user's gaming application is hogging the bandwidth and suggeststhe user to implement some form of quality of service (QoS) controls toimprove the voice quality of his/her VoIP application. In operation 309,the management system submits a target release request to the accessselection server 231. Similar to the provisioning process, the accessselection server 231 formulates and sends a de-provisioning request tothe target proxy 223 in operation 310. The target proxy 223 connects tothe selected access router 220 and de-provisions the target UE 210 inoperation 311. After the de-provisioning of the target UE 210, theaccess router 220 removes the monitoring function and stops thereplicated packet flow to the delivery proxy 224.

In some embodiments, the access selection server 231 may have additionalprovisioning and de-provisioning flows to the delivery proxy 224 or thepacket analysis server 232 to provide the correlation information to thedelivery proxy 224 or the packet analysis server 232 instead of theaccess router 220.

FIG. 4 illustrates an exemplary process for monitoring connectivitystatus of target user equipment in an ISP network, according to oneembodiment. In operation 401, the metadata selection server 233 receivesa request from an external system (not shown) including a type and oneor more parameters to identify a target user equipment in the ISPnetwork. In operation 402, the metadata selection server 233 sends adata query request to the discovery server 230. In operation 403, thediscovery server 230 the requested data subset to the metadata analysisserver 234. In operation 404, the metadata analysis server 234 sends thedata results to the metadata selection server 233. In operation 405, themetadata selection server 233 sends the response including an answer tothe requesting external system.

The discovery server 230 maintains a repository of connectivityinformation of target user equipment to the network. Using theconnectivity information of target equipment, the discovery server 230can discover various information about the target user equipment, forexample, but not limited to:

-   -   history of IP addresses that a target user is connected from and        a list of access routers that the target user is connected to.    -   users who are connected to a target user equipment using the IP        address of the target user equipment.    -   history of connection requests for an access router (e.g., to        determine the status of the access router)    -   an outage report to a governing agency (e.g., Federal        Communications Commission (FCC)).    -   connectivity periods of the target user to adjust billing, as        needed.

FIG. 5 illustrates an exemplary computer architecture that may be usedfor the present system, according to one embodiment. The exemplarycomputer architecture may be used for implementing one or morecomponents described in the present disclosure including, but notlimited to, the present content curation system. One embodiment ofarchitecture 500 includes a system bus 501 for communicatinginformation, and a processor 502 coupled to bus 501 for processinginformation. Architecture 500 further includes a random access memory(RAM) or other dynamic storage device 503 (referred to herein as mainmemory), coupled to bus 501 for storing information and instructions tobe executed by processor 502. Main memory 503 also may be used forstoring temporary variables or other intermediate information duringexecution of instructions by processor 502. Architecture 500 may alsoinclude a read only memory (ROM) and/or other static storage device 504coupled to bus 501 for storing static information and instructions usedby processor 502.

A data storage device 505 such as a magnetic disk or optical disc andits corresponding drive may also be coupled to architecture 500 forstoring information and instructions. Architecture 500 can also becoupled to a second I/O bus 506 via an I/O interface 507. A plurality ofI/O devices may be coupled to I/O bus 506, including a display device508, an input device (e.g., an alphanumeric input device 509 and/or acursor control device 510).

The communication device 411 allows for access to other computers (e.g.,servers or clients) via a network. The communication device 411 511 mayinclude one or more modems, network interface cards, wireless networkinterfaces or other interface devices, such as those used for couplingto Ethernet, token ring, or other types of networks.

While some specific embodiments of the present disclosure have beenshown, the present disclosure should not be interpreted to limit thescope of the present disclosure to these embodiments. For example, mostfunctions performed by electronic hardware components may be duplicatedby software emulation. Thus, a software program written to accomplishthose same functions may emulate the functionality of the hardwarecomponents in input-output circuitry. The present disclosure is to beunderstood as not limited by the specific embodiments described herein,but only by scope of the appended claims.

Embodiments as described herein have significant advantages overpreviously developed implementations. As will be apparent to one ofordinary skill in the art, other similar apparatus arrangements arepossible within the general scope. The embodiments described above areintended to be exemplary rather than limiting, and the bounds should bedetermined from the claims.

What is claimed is:
 1. A method comprising: periodically scanning anaccess router that serves a target user equipment; collecting an addressassignment record of the target user equipment via the access router;passing the address assignment record to a discovery server; andidentifying a location of the target user equipment at the discoveryserver based on the address assignment record of the target userequipment.
 2. The method of claim 1, wherein the network is an Internetservice provider network.
 3. The method of claim 1, further comprisingimplementing a dynamic host configuration protocol (DHCP) by the accessrouter and assigning an IP address of the user equipment.
 4. The methodof claim 1, further comprising, at the discovery server, communicatingwith an access selection server at the discovery server and generating atargeting request to a target proxy.
 5. The method of claim 4, furthercomprising managing a life-cycle of the targeting request by the accessselection server including activating and deactivating the targetingrequest.
 6. The method of claim 4, further comprising sending thetargeting request by the target proxy to the access router that servesthe target user equipment.
 7. The method of claim 6, further comprisingestablishing a connection by the access router to a delivery proxy. 8.The method of claim 7, further comprising replicating packets associatedwith the target user equipment by the delivery proxy to a packetanalysis server for analyzing the packets.
 9. The method of claim 8,further comprising sending a de-provisioning request by the accessselection server to the target proxy.
 10. The method of claim 9, furthercomprising connecting the target proxy to the access router andde-provisioning the target user equipment.
 11. The method of claim 7,further comprising collecting one or more of user information of a userattached to the access router, connectivity information between theaccess router to the target proxy, and connectivity information betweenthe access router to the delivery proxy.
 12. The method of claim 5,wherein the life-cycle of the targeting request comprises a series ofmonitoring activations and deactivation requests to a series of accessrouters.
 13. The method of claim 1, further comprising: receiving arequest for connectivity status of the target user equipment at ametadata selection server; generating a data query request to thediscover server; sending connectivity information of the target userequipment to a metadata analysis server; generating a response to therequest for connectivity status at the metadata analysis server; andproviding the response via the metadata selection server.
 14. The methodof claim 13, wherein the response is selected from a group comprising:history of IP addresses that a target user is connected from and a listof access routers that the target user is connected to, users who areconnected to the target user equipment using an IP address of the targetuser equipment; history of connection requests for the access router; anoutage report to a governing agency; and connectivity periods of thetarget user.
 15. A system comprising: a user equipment; an access routerthat is configured to bind with the user equipment; a discovery proxyconfigured to periodically scan the access router and collect an addressassignment record of the user equipment via the access router, adiscovery server that is configured to receive the address assignmentrecord from the discovery proxy and identify a location of the userequipment based on the address assignment record of the target userequipment.
 16. The system of claim 15, wherein the network is anInternet service provider network.
 17. The system of claim 15, whereinthe access router implements a dynamic host configuration protocol(DHCP) and assigns an IP address of the user equipment.
 18. The systemof claim 15 further comprising an access selection server and a targetproxy, wherein the discovery server communicates with the accessselection server to generate a targeting request to the target proxy.19. The system of claim 18, wherein the access selection server managesa life-cycle of the targeting request and activates and deactivates thetargeting request.
 20. The system of claim 18, wherein the target proxysends the targeting request to the access router that serves the userequipment and manages provisioning connectivity to the access router.21. The system of claim 20 further comprises a delivery proxy, whereinat the request of the targeting request from the target proxy, theaccess router establishes a connection to the delivery proxy.
 22. Thesystem of claim 21 further comprise a packet analysis server, whereinthe delivery proxy replicates packets associated with the user equipmentto the packet analysis server, and the packet analysis server analyzesthe packets.
 23. The system of claim 22, wherein the access selectionserver sends a de-provisioning request to the target proxy.
 24. Thesystem of claim 23, wherein the target proxy connects to the accessrouter and de-provisions the user equipment.
 25. The system of claim 22,wherein the access selection server sends a monitor request to thediscovery server and receives from the discovery server one or more ofuser information of a user attached to the access router, connectivityinformation between the access router to the target proxy, andconnectivity information between the access router to the deliveryproxy.
 26. The system of claim 19, wherein the life-cycle of thetargeting request comprises a series of monitoring activations anddeactivation requests to a series of access routers.
 27. The system ofclaim 15, further comprising: a metadata selection server; and ametadata analysis server, wherein the metadata selection server receivesa request for connectivity status of the target user equipment andgenerates a data query request to the discover server, wherein thediscover server sends connectivity information of the target userequipment to the metadata analysis server, wherein the metadata analysisserver generates a response to the request for connectivity status; andwherein the metadata selection server provides the response.
 28. Thesystem of claim 27, wherein the response is selected from a groupcomprising: history of IP addresses that a target user is connected fromand a list of access routers that the target user is connected to, userswho are connected to the target user equipment using an IP address ofthe target user equipment; history of connection requests for the accessrouter; an outage report to a governing agency; and connectivity periodsof the target user.